10 December 2019 Show Notes 00:02:59 Android Permanent DoS (CVE-2019-2232) 00:08:09 Inferring and hijacking VPN-tunneled TCP connections (CVE-2019-14899) 00:16:00 An Update on Android TLS Adoption 00:25:11 Mozilla and Opera remove Avast extensions from their add-on stores Additional Links: https://palant.de/2019/10/28/avast-online-security-and-avast-secure-browser-are-spying-on-you/ 00:43:05 Tron: Evolution SecuROM DRM expiration makes game unplayable 9 years after release 00:50:12 Millions of Americans at Risk After Huge Data and SMS Leak 00:54:14 Nebraska Medicine Breached by Rogue Employee 00:56:56 Practical Pentest Labs stores passwords in plaintext 01:05:07 Incident Report | 2019-11-24 Account Takeover via Disclosed Session Cookie 01:13:28 Authentication vulnerabilities in OpenBSD (CVE-2019-19521) 01:24:36 Symantec Endpoint Protection Local Privilege Escalation (CVE-2019-12750) 01:30:09 Omron PLC Denial-of-Service as a Feature Additional Links: https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H https://github.com/Ox6e3062306479/omron/blob/master/cj2m.fins.dos.py 01:38:35 FIRST CONTACT: New vulnerabilities in contactless payments 01:46:39 Fuzzing Sega Genesis Emulators 01:50:30 Verifiable Voting Primer Additional Links: https://www.youtube.com/watch?v=LkH2r-sNjQs